Win more DoD contracts through achieving the correct
CMMC (Cybersecurity Maturity Model Certification)
qualification.
As of June 2020, many companies that work with the US DoD will need to meet CMMC requirements to bid on contracts. Companies cyber behaviour based on their controls and practices, will receive a level rating between 1 and 5, which will determine their eligibility to bid on certain contracts. Getvisibility are offering FREE CMMC ASSESSMENTS to relevant organisations to ensure you can make informed actions, ensuring you reach the maturity level needed to qualify for your desired DoD contract.
CMMC will come into effect from June 2020 for all DoD contractors
How CMMC Affects Your Organization
CMMC will be replacing the existing self-certification model under the Defense Federal Acquisition Regulation Supplement (DFARS) – more specifically NIST 800-171. It is a unified standard for implementing cybersecurity across the defense industrial base, this is estimated to be over 300,000 companies in the supply chain. So simply, if you currently comply with the existing DFARS and NIST 800-171 requirements you have taken the first step but the new CMMC guidelines establish new expectations and security controls that you must now comply with.
The CMMC is designed to improve protection of controlled unclassified information (CUI) and Covered Defense Information (CDI) within the supply chain.
Previously, contractors were responsible for implementing, monitoring and certifying the security of their information technology systems and any sensitive DoD information stored on or transmitted by those systems. Contractors will remain responsible for implementing critical cybersecurity requirements, but the CMMC now changes this pattern by requiring third-party assessments of contractors’ compliance with certain mandatory capabilities, practices and procedures that can adapt to new and evolving cyber threats from challengers. CMMC requirements will now be included in sections L and M of DoD requests for information as of June 2020, and in requests for proposals as of Sept. 2020.
<p”>
Organisations need to start identifying their gaps against their target CMMC
maturity level to lower their risk of being disqualified when contract bids are
released.
Getvisibility’s FREE CMMC Assessment
As basic cyber and data hygiene is required from even a level 1 contractor, an
understanding of your data landscape is essential for all DoD contractors. Most
organizations have enormous quantities of documents scattered across file servers, cloud infrastructure and personal devices and almost every DoD contractor will have files on their network that are considered sensitive under the CMMC.
Unfortunately, most organizations have no idea what this data is and they’re creating significantly more data on a daily basis. Getvisibility’s approach is to help companies understand their data footprint with the highest accuracy possible and control this data. Without this, unstructured data security simply cannot work.
What to expect from your assessment?
Getvisibility’s team of experts will work closely with your organisation to deal with your specific requirements to carry out a specific scan of CUI/FOUO for CMMC. The Getvisibility solution uses artificial intelligence and machine learning to quickly and accurately classify unstructured data across large data landscapes. Through market leading machine learning models, Getvisibility gives customers an unparalleled understanding of their posture in relation to:
• Governance and Compliance
• Redundant, Obsolete and Trivial Data
• Data Security
• Intellectual Property Protection
• Risk Analysis
• Permission Management
Key Highlights
Affected Organizations
• All companies who wish to successfully apply for a contract with the DoD
(estimated at 300,000 companies).
Key Points
• Contract success dependant on CMMC maturity level.
• Maturity level certification assessed by independent body.
Impact
• Organisations need to fully understand their security posture in relation to data.
